Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_YcPqc3UGdeVS_ErURJvU3a6KAc.roa
File: _YcPqc3UGdeVS_ErURJvU3a6KAc.roa (raw, json)
Hash identifier: Xq2d7Eiw7rppB5o0klFgWs6Qcw2XCQrC51XkQ40DmPg=
Subject key identifier: FD:87:0F:A9:CD:D4:19:D7:95:4B:F1:2B:51:12:6F:53:76:BA:28:07
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0CA5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_YcPqc3UGdeVS_ErURJvU3a6KAc.roa
Signing time: Fri 23 May 2025 22:38:30 +0000
ROA not before: Fri 23 May 2025 22:38:30 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3237 (0xca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 22:38:30 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FD870FA9CDD419D7954BF12B51126F5376BA2807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9d:e8:65:da:c6:f3:0b:a7:8a:a6:09:3f:f9:
99:a5:d4:fd:c5:22:3c:77:fa:d4:9c:74:37:56:59:
ae:b3:e6:56:3d:66:3d:ef:b9:25:07:01:b4:3e:d6:
39:9b:18:98:d3:6d:95:ff:7c:43:e2:8e:d4:73:29:
3e:03:5b:ec:b1:14:e4:7c:8f:4e:64:8c:98:60:1b:
b1:0a:e0:8e:19:6f:b9:83:28:bd:d4:66:88:06:96:
ee:36:16:0d:d8:77:83:59:9e:93:64:b8:c6:8d:8f:
29:f1:a3:80:75:fc:32:eb:94:94:bd:29:f4:30:f7:
98:70:93:65:36:a9:4b:0c:01:71:45:9e:c4:ee:88:
32:fc:2a:c6:bd:14:6d:7e:73:66:39:a7:a1:84:ad:
ad:91:a9:fa:40:61:6f:98:f4:29:f5:15:50:10:f6:
cb:74:4e:ab:56:e1:56:43:a3:66:3a:9f:e3:5b:77:
c3:3d:67:f1:e5:00:9e:63:ef:2f:88:42:c9:cf:62:
7a:05:e9:8d:c3:eb:09:bc:41:0b:c8:87:89:7e:0c:
60:30:e2:24:2e:68:3d:d5:d2:c2:88:ee:52:c5:d5:
8f:ee:a2:99:48:b5:a8:da:6b:46:b7:62:02:13:ac:
0a:54:20:19:c2:d6:33:4f:d9:3d:49:1e:97:19:61:
b0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:87:0F:A9:CD:D4:19:D7:95:4B:F1:2B:51:12:6F:53:76:BA:28:07
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_YcPqc3UGdeVS_ErURJvU3a6KAc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:72:1c:a8:f5:d1:2f:54:ae:a7:82:31:8a:6f:61:23:01:f8:
98:8e:50:6f:4c:93:63:78:03:0e:7d:70:be:30:05:17:2e:d2:
f4:6d:31:a6:b7:4e:a5:3c:a1:8a:ae:a8:1b:8c:e1:e4:e4:f5:
58:67:8d:72:db:2f:07:8e:da:98:8f:78:b3:b6:f2:d6:5f:83:
f4:81:00:89:b1:08:ec:1b:ee:2b:15:d7:45:e9:01:34:f3:57:
83:93:bf:ae:4b:7f:a0:d9:e6:e9:e9:6d:f1:da:3b:6f:dd:c1:
ad:a8:4c:46:94:c1:c0:fe:01:60:7f:43:94:f9:22:f8:5c:f2:
43:1f:d6:28:45:b1:cd:9e:70:14:f4:f5:15:01:12:39:e1:13:
72:a6:aa:f7:b1:c9:29:09:49:c8:92:bc:03:f4:58:c4:d0:ad:
c5:3d:2e:86:2a:1e:a8:9c:0e:f5:b6:ff:17:3a:ee:96:59:07:
e8:82:df:a8:63:54:07:5b:10:c9:f5:90:85:ca:68:4e:b9:0a:
3a:0e:06:ec:8d:24:35:42:cd:1d:94:2a:88:a3:32:08:cb:b4:
68:be:bc:02:4a:21:83:01:b5:cd:8b:52:e7:48:fc:bc:a4:7a:
75:5a:68:2f:69:66:bf:86:35:8c:5b:4c:a3:e3:89:4d:96:7d:
6e:9d:0f:8c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMy
MjM4MzBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZEODcwRkE5Q0RENDE5
RDc5NTRCRjEyQjUxMTI2RjUzNzZCQTI4MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCunehl2sbzC6eKpgk/+Zml1P3FIjx3+tScdDdWWa6z5lY9Zj3v
uSUHAbQ+1jmbGJjTbZX/fEPijtRzKT4DW+yxFOR8j05kjJhgG7EK4I4Zb7mDKL3U
ZogGlu42Fg3Yd4NZnpNkuMaNjynxo4B1/DLrlJS9KfQw95hwk2U2qUsMAXFFnsTu
iDL8Ksa9FG1+c2Y5p6GEra2RqfpAYW+Y9Cn1FVAQ9st0TqtW4VZDo2Y6n+Nbd8M9
Z/HlAJ5j7y+IQsnPYnoF6Y3D6wm8QQvIh4l+DGAw4iQuaD3V0sKI7lLF1Y/uoplI
tajaa0a3YgITrApUIBnC1jNP2T1JHpcZYbALAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/YcPqc3UGdeVS/ErURJvU3a6KAcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fWWNQcWMzVUdkZVZTX0Vy
VVJKdlUzYTZLQWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADVyHKj10S9UrqeCMYpvYSMB+JiOUG9Mk2N4
Aw59cL4wBRcu0vRtMaa3TqU8oYquqBuM4eTk9VhnjXLbLweO2piPeLO28tZfg/SB
AImxCOwb7isV10XpATTzV4OTv65Lf6DZ5unpbfHaO2/dwa2oTEaUwcD+AWB/Q5T5
Ivhc8kMf1ihFsc2ecBT09RUBEjnhE3KmqvexySkJSciSvAP0WMTQrcU9LoYqHqic
DvW2/xc67pZZB+iC36hjVAdbEMn1kIXKaE65CjoOBuyNJDVCzR2UKoijMgjLtGi+
vAJKIYMBtc2LUudI/LykenVaaC9pZr+GNYxbTKPjiU2WfW6dD4w=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:54:20 2025 by rpki-client